Mobile networks allow devices to connect to external packet switched networks (such as the Internet) as part of the basic service provided within the network, as defined by international standards bodies. Examples of such international standards bodies include the 3rd Generation Partnership Project (3GPP) for Global System for Mobile Communications (GSM)/Universal Mobile Telecommunication System (UMTS)/Long-Term Evolution (LTE) domains, Time Division Multiple Access (TDMA)/Code Division Multiple Access (CDMA)/CDMA2000 networks, and newer network design initiatives such as LoRa and SIGFOX.
In such systems, the packet data coming to and from a mobile device is transmitted via the radio network to elements such as a Base Transceiver Station (BTS) in a 2G network, a NodeB in a 3G network or an eNodeB in a 4G network. Thereafter, the packet data is sent using tunnels towards a Serving General Packet Radio Service (GPRS) Support Node (SGSN) in a 2G/3G network, the Serving Gateway (SGW) in a 4G network, or a similar device in other mobile network solutions.
GPRS Tunnelling Protocol (GTP) tunnels from all mobile devices are aggregated towards a Gateway GPRS Support Node (GGSN) in a 2G/3G network, the PDN Gateway (PGW) in a 4G network, or a similar device in other mobile network solutions. These devices then merge many Ethernet connections containing numerous tunnels in each connection.
It is then the responsibility of the GGSN or PGW to disperse the aggregated GTP tunnel traffic into multiple data streams and route each stream to its designated destination on the external packet switched network, as initially designated by the mobile device.
The 3GPP standards also define that each mobile device will define a routing context, called the Access Point Name (APN), through which it connects to the proper GGSN or PGW. 3GPP standards allow each APN to have its own routing and security policy within the GGSN or PGW, along with the ability to route the packet data through a firewall using a specific rule set.
However, such APN-customized rule sets are defined by mobile network operator personnel, who alone have access to the router equipment (e.g. GGSN or PGW).
In contrast, outside of the mobile network context, individuals and organizations are able to deploy their own routing and firewall equipment and maintain full control over the network capabilities of their devices. Today, this capability is denied to any individual or organization that wants to define its own routing and security policies for its mobile devices, as such policies can only be defined by the mobile network operator.
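The gateway step described above (splitting aggregated GTP traffic into per-device streams and applying a per-APN rule set) can be sketched as follows. This is an added example, not code from the original text: the TEID-to-APN table, the APN names, the allowed networks and the `build_sample` helper are constructed assumptions, and only the GTPv1-U header layout is taken from the 3GPP format.

```python
import ipaddress
import struct

GTPU_GPDU = 0xFF  # GTPv1-U message type that carries a user packet
# Assumed tables: in a real network the TEID-to-APN binding is created by
# GTP-C signalling at session setup; these names and rules are constructed.
TEID_TO_APN = {0x1001: "internet", 0x2002: "corp.example"}
APN_POLICY = {
    "internet": [ipaddress.ip_network("0.0.0.0/0")],
    "corp.example": [ipaddress.ip_network("10.20.0.0/16")],
}

def parse_gtpu(frame: bytes):
    """Return (teid, inner_packet) for a GTPv1-U G-PDU, else raise ValueError."""
    if len(frame) < 8:
        raise ValueError("shorter than the mandatory GTP header")
    flags, msg_type, length, teid = struct.unpack("!BBHI", frame[:8])
    if flags >> 5 != 1 or not flags & 0x10:
        raise ValueError("not GTP version 1 with protocol type GTP")
    if msg_type != GTPU_GPDU:
        raise ValueError("not a G-PDU")
    if length != len(frame) - 8:
        raise ValueError("length field does not match frame size")
    offset = 8
    if flags & 0x07:  # E, S or PN set: 4 optional bytes follow the TEID
        if length < 4 or (flags & 0x04 and frame[11]):
            raise ValueError("truncated or uses unsupported extension headers")
        offset = 12
    return teid, frame[offset:]

def route(frame: bytes):
    """Demultiplex one tunnelled frame and apply its APN's egress rule set."""
    teid, inner = parse_gtpu(frame)
    apn = TEID_TO_APN.get(teid)
    if apn is None:
        return ("drop", None, "unknown TEID")
    if len(inner) < 20 or inner[0] >> 4 != 4:
        return ("drop", apn, "inner packet is not IPv4")
    dst = ipaddress.ip_address(inner[16:20])  # IPv4 destination address field
    if any(dst in net for net in APN_POLICY[apn]):
        return ("forward", apn, str(dst))
    return ("drop", apn, f"{dst} outside APN rule set")

def build_sample(teid: int, dst: str) -> bytes:
    """Constructed test frame: GTP-U header plus a minimal IPv4 header."""
    ip = bytearray(20)
    ip[0] = 0x45  # IPv4, 20-byte header
    ip[16:20] = ipaddress.ip_address(dst).packed
    return struct.pack("!BBHI", 0x30, GTPU_GPDU, len(ip), teid) + bytes(ip)
```

The policy tables here stand in for the operator-held configuration the text refers to: whoever controls them decides what each APN's devices can reach.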